-
9 months, 3 weeks agothelawsofchaos wrote a new post
Alert when ESCU updates detectionsThis query can set up an alert for when ESCU updates a detection, compared to the version you are using from clone. This requires ESCU v4.31.0 with the new […]
-
2 years, 8 months ago
thelawsofchaos wrote a new post
This dashboard will use REST API endpoints to grab a list of all indexes and then map out by sourcetype how many events when the first one was (based upon _time) and the last. Then does basic date math to show how […]
-
2 years, 11 months ago
thelawsofchaos changed their profile picture
-
2 years, 11 months ago
thelawsofchaos became a registered member
-
2 years, 11 months ago
thelawsofchaos became a registered member
